21.1 Debugging brainfuck

The 'bfdbg' IO plugin offers a debugging interface for a brainfuck virtual machine implemented inside the same plugin. Rabin can magically autodetect brainfuck files, so 'e asm.arch=bf' will be set automatically if you have 'e file.id=true' in your ~/.radarerc.

The brainfuck disassembler decodes bf instructions as complex instructions that support repetitions, so a run of identical opcodes becomes one instruction with a count. The translation would be:

+++++ -> add [ptr], 5

Loops are also automatically detected between the '[' and ']' opcodes, so the code analysis will show nice jump lines there:
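The two disassembler behaviours described above (folding repeated opcodes and pairing '[' with ']') can be sketched as follows. This is an added example, not radare's code or output: only 'add [ptr], N' comes from the page; the other mnemonics, the listing layout and the sample program are assumptions.

```python
# Added example: a toy brainfuck disassembler, not radare's implementation.
# Only "add [ptr], N" appears on the page; every other mnemonic is assumed.
FOLDABLE = {"+": "add [ptr], {n}", "-": "sub [ptr], {n}",
            ">": "add ptr, {n}", "<": "sub ptr, {n}"}
SINGLE = {".": "out [ptr]", ",": "in [ptr]"}


def disassemble(code: str):
    """Return a list of (offset, size, text, jump_target_or_None)."""
    insns, stack, i = [], [], 0
    while i < len(code):
        op = code[i]
        if op in FOLDABLE:
            n = 1  # count the run of identical opcodes
            while i + n < len(code) and code[i + n] == op:
                n += 1
            insns.append((i, n, FOLDABLE[op].format(n=n), None))
            i += n
            continue
        if op == "[":
            stack.append(len(insns))
            insns.append((i, 1, "loop_begin", None))  # target patched at ']'
        elif op == "]":
            if not stack:
                raise ValueError(f"unmatched ']' at offset {i}")
            j = stack.pop()
            start = insns[j][0]
            insns[j] = (start, 1, "loop_begin", i + 1)  # exit: just past ']'
            insns.append((i, 1, "loop_end", start))     # back edge to '['
        elif op in SINGLE:
            insns.append((i, 1, SINGLE[op], None))
        # any other byte is a brainfuck comment and is skipped
        i += 1
    if stack:
        raise ValueError(f"unmatched '[' at offset {insns[stack[-1]][0]}")
    return insns


def listing(code: str) -> str:
    rows = []
    for off, size, text, target in disassemble(code):
        arrow = f"  ; -> 0x{target:04x}" if target is not None else ""
        rows.append(f"0x{off:04x}  {code[off:off + size]:<8} {text}{arrow}")
    return "\n".join(rows)


if __name__ == "__main__":
    print(listing("+++++[>++<-]>."))  # constructed sample program
```
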

As a quick overview: you can step, step over all repeated instructions, continue the execution until an address, trace the executed opcodes with data information (bytes peeked and poked), or trace until a syscall.

Obviously all these commands can be used from the visual mode, so press 'V<enter>' in the radare prompt and use these keys: